I remember reading this ages ago, and a couple of weeks ago I decided to give it a try.
I was amazed to see not only that this works, but that it even works on Windows 7. Granted, you do need some extra steps to make this happen in the latter.

According to the sandbox manpage: The sandbox facility allows applications to voluntarily restrict their access to operating system resources. This safety mechanism is intended to limit potential damage in the event that a vulnerability is exploited. It is not a replacement for other operating system access controls.